Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-609-1
HistoryMay 06, 2008 - 12:00 a.m.

OpenOffice.org vulnerabilities

2008-05-0600:00:00
ubuntu.com
56

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.9 High

EPSS

Percentile

98.7%

JSON

Releases

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.06

Packages

Details

It was discovered that arbitrary Java methods were not filtered out when
opening databases in OpenOffice.org. If a user were tricked into running
a specially crafted query, a remote attacker could execute arbitrary
Java with user privileges. (CVE-2007-4575)

Multiple memory overflow flaws were discovered in OpenOffice.org’s
handling of Quattro Pro, EMF, and OLE files. If a user were tricked
into opening a specially crafted document, a remote attacker might be
able to execute arbitrary code with user privileges. (CVE-2007-5745,
CVE-2007-5746, CVE-2007-5747, CVE-2008-0320)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchlibhsqldb-java< 1.8.0.8-1ubuntu1.1UNKNOWN
Ubuntu7.10noarchlibhsqldb-java-gcj< 1.8.0.8-1ubuntu1.1UNKNOWN
Ubuntu7.10noarchopenoffice.org-core< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchlibmythes-dev< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchlibuno-cil< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchmozilla-openoffice.org< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchopenoffice.org< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchopenoffice.org-base< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchopenoffice.org-calc< 1:2.3.0-1ubuntu5.4UNKNOWN
Ubuntu7.10noarchopenoffice.org-dev< 1:2.3.0-1ubuntu5.4UNKNOWN
Rows per page:
1-10 of 861

Related

openvas 54
nessus 51
fedora 9
redhat 5
securityvulns 7
seebug 4
osv 1
debian 2
centos 3
suse 2
gentoo 2
oraclelinux 1
prion 6
ubuntucve 5
cve 6
checkpoint_advisories 2
packetstorm 1
saint 4
metasploit 1
debiancve 1
veracode 1
canvas 1
exploitdb 1
openvas
openvas
Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org)
2009-04-09 00:00:00
Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org)
2009-04-09 00:00:00
Fedora Update for openoffice.org FEDORA-2008-3251
2009-02-17 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)
2009-04-23 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)
2008-05-09 00:00:00
RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)
2008-04-22 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: openoffice.org-2.3.0-6.14.fc8
2008-04-22 22:41:54
[SECURITY] Fedora 8 Update: openoffice.org-2.3.0-6.15.fc8
2008-06-11 23:35:32
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.8.fc7
2008-05-17 22:26:21
redhat
redhat
(RHSA-2008:0175) Important: openoffice.org security update
2008-04-17 00:00:00
(RHSA-2008:0176) Important: openoffice.org security update
2008-04-17 00:00:00
(RHSA-2007:1090) Moderate: openoffice.org2 security update
2007-12-05 00:00:00
securityvulns
securityvulns
OpenOffice multiple security vulnerabilities
2008-04-20 00:00:00
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
2008-04-20 00:00:00
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
2008-04-20 00:00:00
seebug
seebug
OpenOffice多个缓冲区溢出漏洞
2008-04-19 00:00:00
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2014-07-01 00:00:00
OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
2008-01-01 00:00:00
osv
osv
openoffice.org
2008-04-17 00:00:00
debian
debian
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution
2008-04-17 10:13:30
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution
2007-12-05 15:19:43
centos
centos
openoffice.org, openoffice.org2 security update
2008-04-21 09:57:54
openoffice.org security update
2008-04-17 23:18:44
hsqldb, openoffice.org security update
2008-01-19 00:14:54
suse
suse
local privilege escalation in OpenOffice_org
2008-04-18 09:57:35
remote code execution in OpenOffice_org
2007-12-11 13:56:46
gentoo
gentoo
OpenOffice.org: Multiple vulnerabilities
2008-05-14 00:00:00
OpenOffice.org: User-assisted arbitrary code execution
2007-12-30 00:00:00
oraclelinux
oraclelinux
openoffice.org security update
2008-04-18 00:00:00
prion
prion
Integer overflow
2008-04-17 19:05:00
Integer overflow
2008-04-17 19:05:00
Heap overflow
2008-04-17 19:05:00
ubuntucve
ubuntucve
CVE-2007-5746
2008-04-17 00:00:00
CVE-2007-5747
2008-04-17 00:00:00
CVE-2008-0320
2008-04-17 00:00:00
cve
cve
CVE-2007-5746
2008-04-17 19:05:00
CVE-2007-5747
2008-04-17 19:05:00
CVE-2008-0320
2008-04-17 19:05:00
checkpoint_advisories
checkpoint_advisories
OpenOffice EMF File EMR_BITBLT Record Integer Overflow (CVE-2007-5746)
2010-06-02 00:00:00
OpenOffice OLE File Stream Buffer Overflow (CVE-2008-0320)
2009-10-05 00:00:00
packetstorm
packetstorm
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2012-05-24 00:00:00
saint
saint
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
metasploit
metasploit
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2012-05-23 15:14:11
debiancve
debiancve
CVE-2007-4575
2007-12-06 02:46:00
veracode
veracode
Remote Code Execution (RCE)
2018-09-05 01:13:14
canvas
canvas
Immunity Canvas: OOO_230
2007-12-06 02:46:00
exploitdb
exploitdb
OpenOffice - OLE Importer DocumentSummaryInformation Stream Handling Overflow (Metasploit)
2012-05-25 00:00:00

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.9 High

EPSS

Percentile

98.7%

JSON
Related for USN-609-1
openvas54nessus51fedora9redhat5securityvulns7seebug4osv1debian2centos3suse2gentoo2oraclelinux1prion6ubuntucve5cve6checkpoint_advisories2packetstorm1saint4metasploit1debiancve1veracode1canvas1exploitdb1